FEDERAL PERSONNEL/PAYROLL SYSTEM (FPPS) 
Computer System Access Request Form 


| understand that when | use any of the National Business Center (NBC) Computer Systems and/or Automated Information Resources or gain access 
to any information therein, such use or access shall be limited to official Government business. Further, | understand that any use of the 
aforementioned systems or information that is not official Government business may result in disciplinary action consistent with the nature and 
scope of such activity. | have read the attached FPPS computer system access request form information and the Rules of Behavior. | understand 
them and | agree to comply with them. | WILL REPORT ANY VIOLATION OF THESE RULES TO MY SUPERVISOR. Any references made to the Agency 
should be regarded as being inclusive of the Assistant Secretary — Indian Affairs (AS-IA), Bureau of Indian Affairs (BIA) and Bureau of Indian 
Education (BIE) personnel who use FPPS or perform administrative and security related duties in its operation. 


This form supersedes previously submitted forms. 


Reason for Request: |] New User [|] Change User |] Form Recertification [|] Delete User 


Employee Type: [| Permanent [] Temporary [J Contractor 


(PLEASE TYPE OR PRINT TO COMPLETE FORM) 
EMPLOYEE INFORMATION 


Effective Date: 








FPPS User ID: 








Legal Last Name, First and Middle Initial 


Telephone No.: Employee’s Organization Code: 








SSN (Last 4-Digits): 





Duty Location (City & State) 





Employee’s Work Email Address Title and Name of Supervisor/Manager 





Employee’s Signature Date Supervisor/Manager’s Signature Date 








FPPS AUTHORITIES AND ORG CODE RANGE 
Organization Code Range: 
|] Initiator [| Requestor [| Authorizer [| Concurrer 
|_| View Only [| SPO User [| SPOC — Password Reset 


PLEASE return to the Office of Human Resources Systems FPPS Security-Administrators: 
































Carl Cook Desk: 405-247-4957 Fax: 405-247-6953 E-mail: carl.cook@bia.gov 

Gayla Schock Desk: 405-247-2834 405-247-6953 E-mail: gayla.schock@bia.gov 

Jack Kuntz Desk: 406-247-7956 406-247-7902 E-mail: jack.kuntz@bia.gov 

Shirley Merson Desk: 405-247-2938 405-247-6953 E-mail: shirley. merson@bia.gov 

FOR SPOC USE ONLY 

Signature of Security-Admin: Date Entered in Log: 
Form Received: DSAF Subm: DSAF Rtd: User Notified: 
FPPS User ID: USER: RPTH: WGI/PRB RPTH : 











Solicitation of your Social Security Number (SSN) is authorized by Executive Order 9397, which requires agencies to use the SSN as the means for identifying 
individuals in personnel information systems. Your SSN will only be used to establish your access to FPPS. Furnishing your SSN is voluntary and failure to do so will 
have no effect on you. It should be noted, however, that where individuals decline to furnish their SSN, the SSN will be obtained from other records in order to 
complete registration. 
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FPPS COMPUTER SYSTEM ACCESS REQUEST FORM INFORMATION: 


FPPS Authorities/Roles: 
Initiator (INI): A requesting office user who can create/initiate SF-52 transactions. An initiator has no signature authority. 


Requestor (REQ): A requesting office user who can create/initiate SF-52 transactions and has a requester signature 
authority. 


Authorizer (AUT): A requesting office user who has SF-52 authorizer signature authority. This approval signature is 
required on all actions. 


Concurrer (CON): A user who has SF-52 concurrence signature authority. This access is usually a budget person. 


View Only (VWR): Has viewer capability only. This command is automatically granted with other FPPS roles. 
SPO (SPO) User: A servicing personnel office user. 


Security Point of Contact (SPOC)-Password Reset: A limited number of Human Resources employees who reset 
passwords for a group of FPPS users. 


Org Code Range: List the entire range of organizational codes the employee needs to be able to access. 

System Access Revocation: 

Password expiration: If a new user is created and never signs on, they will be revoked after 90 days. 

User Inactivity: If a user was active at some date and then is inactive for more than 80 days, they will be revoked. 
Invalid Attempts: A user will be revoked after 3 invalid password attempts. 

Security-Admin Revocation: A user will be revoked for unauthorized use or disclosure or failure to comply with policy or 


other Agency requirements. Supervisors or higher level authorities can also request users accesses be revoked. 
Unauthorized use may subject violators to criminal, civil, and/or disciplinary action. 


All users who lapse into a revoked status for 6 months or more will be required to submit a new FPPS Computer System 
Access Request Form. 


System Access Removals: 


The removal of a user’s access to the NBC mainframe system and FPPS is based on a person’s departure from Agency for 
any reason, non-use of accesses, transfers within the Bureau to other Regions or ELO, changes in duties or requests by 
proper authority to have a user’s accesses removed. Access removals may also include departure due to resignation, 
death, retirement or medical leave of absence. To assist in ensuring terminations are processed timely, the Security- 
Admin will pull bi-weekly separation reports. 
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RULES OF BEHAVIOR FOR USERS OF 
COMPUTER SYSTEMS AND APPLICATIONS HOSTED AND MANAGED BY 
THE DEPARTMENT OF THE INTERIOR, 
NATIONAL BUSINESS CENTER 


The following Rules of Behavior (ROB) apply to all users of FPPS and must be reviewed by all users before granting them access to 
the Federal Personnel Payroll System (FPPS). 


1. User Identification: 


o 
o 


A unique User ID is required for each individual FPPS user. User IDs must never be shared between users. 

User IDs possess privileges that are tailored to the duties of the individual user’s job and to the individual user’s level of 
“need-to-know.” Each change in access must be made in writing using the attached form and approved by the user’s 
supervisor. Completed forms are forwarded to the Office of Human Resources Systems Security-Admin personnel (see 
attached form). 

If duties or job requirements change, accesses no longer needed must be removed and new accesses must be requested. 
Supervisors are responsible for notifying the Security-Admin personnel whenever such changes occur so that the user’s 
accesses can be changed to suit the new duty or job requirements. 

When employment terminates, for any reason, a user’s access must be terminated. Supervisors are responsible for 
notifying the Security-Admin personnel whenever a user leaves the organization, so that the user’s access authorities can 
be removed. Under no circumstances may the logon account of a terminated user be given to another individual. 


2. Passwords: 


o 


Passwords are considered private and confidential. Users are prohibited from sharing their FPPS password(s). Attempting 
to enter an incorrect password three times will result in your user access being revoked. If you receive a message stating 
that you have been revoked, contact one of the SPOCs. 
To minimize the risk of having the system compromised as a result of poor password selection; users are responsible for 
selecting passwords that are difficult to guess. FPPS users must follow these password guidelines: 
= Passwords must be eight characters exactly — no more, no less. 
= Passwords must begin and end with an alpha-character. 
= Passwords must contain at least one numeric character in positions 2 through 7. 
= New (changed) passwords may not be revisions of an old password. Reuse of the same password with a different 
prefix or suffix is not permitted. 
Dictionary words, derivatives of User IDs, and common character sequences may not be used. 
Personal details such as a spouse’s name, license plates, social security numbers and birthdays should not be used 
unless accompanied by additional unrelated characters. 
Proper names, geographical locations, common acronyms, and slang should not be used. 
If exposed or compromised, passwords must be changed immediately. 


3. General User Responsibilities 


Users are responsible for using NBC-managed computer systems and associated data for business purposes only. 

Users of NBC-managed systems and applications may not access, or attempt to access, data for which they are not 
authorized. 

Users are responsible for protecting the confidentiality of data associated with the NBC-managed system or application to 
which they have been granted access, based on the sensitivity of the data. Such data may not be given to unauthorized 
persons. 

Users should report suspected or actual security violations to their supervisor or Security-Admin/SPOC, and where 
appropriate, to the application security administrator. 

Casual browsing of sensitive or Privacy Act FPPS information, such as personnel data, is prohibited. FPPS users should only 
access FPPS data when there is an official business reason. 

Users are accountable for all actions associated with the use of their assigned user ID and may be held responsible for 
unauthorized actions found to be intentional, malicious, or negligent. Each user must protect his/her user ID by never 
allowing another person to use or share his/her logon session. Because the logon session is directly associated with an 
individual user ID, the user is personally accountable for all actions performed with the user ID. 
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o When employment terminates, for any reason, a user’s access must be terminated. Supervisors are responsible for 
notifying the Security-Admin personnel whenever a user leaves the organization, so that the user’s access authorities can 
be removed. Under no circumstances may the logon account of a terminated user be given to another individual. 


4. Security-Admin/Point of Contact 


Security-Admin/SPOCs are designated for each organization. Access to production data is approved and controlled by the data 
owner, through the SPOC for each application or system. SPOCs are responsible for: 


Approving and coordinating all requests for user access to the systems or applications they control. 
Complying with the ROB, which is completed during the SPOC assignment process and returned to the NBC IT Security 
Administration Office. 
Implementing controls to provide reasonable assurance that: 
Physical and logical access to NBC-managed systems and applications, using computer terminals, is restricted to 
authorized users. 
Audit reports of system use, made available by the NBC, are regularly reviewed. 
Computer Security Incident Response procedures are in use at the user's site for reporting incidents involving or 
impacting NBC-managed systems and applications. 
User access to NBC-managed systems and applications is properly authorized and assigned, and that segregation of 
duties is properly maintained. 
Reporting all suspected or actual security violations involving an NBC-managed system or application, to the NBC IT 
Security Administration Office. 


5. Consequences for Non-Compliance with these Rules of Behavior 
The consequences of Federal employee or contractor behavior not consistent with these rules may result in revocation of access to 


FPPS, and wherever such actions may be applicable, disciplinary action consistent with the nature and scope of the infraction may be 
applied. 
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